Implement thorough sha256/md5 checking of existing packages in the mirror

An option to allow for this would improve the reliability of the mirroring scripts.